ByteOS Network

NVD Vulnerability Details :

CVE-2026-25500

Received

Source-security-advisories@github.com

Published At-18 Feb, 2026 | 20:18

Updated At-18 Feb, 2026 | 20:18

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, `Rack::Directory` generates an HTML directory index where each file entry is rendered as a clickable link. If a file exists on disk whose basename starts with the `javascript:` scheme (e.g. `javascript:alert(1)`), the generated index contains an anchor whose `href` is exactly `javascript:alert(1)`. Clicking the entry executes JavaScript in the browser (demonstrated with `alert(1)`). Versions 2.2.22, 3.1.20, and 3.2.5 fix the issue.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	5.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Type: Secondary

Version: 3.1

Base score: 5.4

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Weaknesses

CWE ID	Type	Source
CWE-79	Primary	security-advisories@github.com

CWE ID: CWE-79

Type: Primary

Source: security-advisories@github.com

References

Hyperlink	Source	Resource
https://github.com/rack/rack/commit/f2f225f297b99fbee3d9f51255d41f601fc40aff	security-advisories@github.com	N/A
https://github.com/rack/rack/security/advisories/GHSA-whrj-4476-wvmp	security-advisories@github.com	N/A

Hyperlink: https://github.com/rack/rack/commit/f2f225f297b99fbee3d9f51255d41f601fc40aff

Source: security-advisories@github.com

Resource: N/A

Hyperlink: https://github.com/rack/rack/security/advisories/GHSA-whrj-4476-wvmp

Source: security-advisories@github.com

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History